A Survey on Recent Advanced Research of CPS Security

Cyber-physical systems (CPSs) are next-generation intelligent systems that integrate computing, communication, and control. Malicious attacks on CPSs can lead to both property damage and casualties. Therefore, it is worth surveying CPS security by reviewing and analyzing the latest high-quality related works. In this paper, we provide an overview of the CPS security studies from the last five years and select 142 related works from A- or B-level conferences/journals recommended by the China Computer Federation (CCF). First, we review the main contents of the selected papers and classify them into 24 topics. Then, we analyze hotspots and trends of CPS security technologies in three dimensions: (1) architecture layers (perception, network, and application); (2) application scenarios (smart grids, health care, smart transportation, smart homes, and general grids); and (3) MADC (Measure, Attack, Defense, and Control) types. Finally, we also perform a statistical analysis in terms of paper publication times, author institutes, countries, and sponsors to show the current worldwide CPS security research situation

Fine-Grained Identification for Large-Scale IoT Devices: A Smart Probe-Scheduling Approach Based on Information Feedback

A large number of IoT devices access the Internet. While enriching our lives, IoT devices bring potential security risks. Device identification is one effective way to mitigate security risks and manage IoT assets. Typical identification algorithms generally separate data capture and target identification into two parts. As a result, it is inefficient and coarse-grained to evaluate the results only once the identification process is complete and then adjust the data capture strategy afterward. To solve this problem, we propose a fine-grained probe-scheduling approach based on information feedback. First, we model the probe surface as three layers for IoT devices and define their relationships. Then, we improve the policy gradient algorithm to optimize the probe policy and generate the optimal probe sequence for the target device. We implement a prototype system and evaluate it on 53,000 IoT devices across various categories to show its wide applicability. The results indicate that our approach can achieve success rates of 96.89%, 93.43%, and 83.71% for device brand, model, and firmware version, respectively, and reduce the identification time by 55.96%

EasyStego: Robust Steganography Based on Quick-Response Barcodes for Crossing Domains

Despite greater attention being paid to sensitive-information leakage in the cyberdomain, the sensitive-information problem of the physical domain remains neglected. Anonymous users can easily access the sensitive information of other users, such as transaction information, health status, and addresses, without any advanced technologies. Ideally, secret messages should be protected not only in the cyberdomain but also in the complex physical domain. However, popular steganography schemes only work in the traditional cyberdomain and are useless when physical distortions of messages are unavoidable. This paper first defines the concept of cross-domain steganography, and then proposes EasyStego, a novel cross-domain steganography scheme. EasyStego is based on the use of QR barcodes as carriers; therefore, it is robust to physical distortions in the complex physical domain. Moreover, EasyStego has a large capacity for embeddable secrets and strong scalability in various scenarios. EasyStego uses an AES encryption algorithm to control the permissions of secret messages, which is more effective in reducing the possibility of sensitive-information leakage. Experiments show that EasyStego has perfect robustness and good efficiency. Compared with the best current steganography scheme based on barcodes, EasyStego has greater steganographic capacity and less impact on barcode data. In robustness tests, EasyStego successfully extracts secret messages at different angles and distances. In the case of adding natural textures and importing quantitative error bits, other related steganography techniques fail, whereas EasyStego can extract secret messages with a success rate of nearly 100%

An Improved Oversampling Algorithm Based on the Samples’ Selection Strategy for Classifying Imbalanced Data

The imbalance data refers to at least one of its classes which is usually outnumbered by the other classes. The imbalanced data sets exist widely in the real world, and the classification for them has become one of the hottest issues in the field of data mining. At present, the classification solutions for imbalanced data sets are mainly based on the algorithm-level and the data-level. On the data-level, both oversampling strategies and undersampling strategies are used to realize the data balance via data reconstruction. SMOTE and Random-SMOTE are two classic oversampling algorithms, but they still possess the drawbacks such as blind interpolation and fuzzy class boundaries. In this paper, an improved oversampling algorithm based on the samples’ selection strategy for the imbalanced data classification is proposed. On the basis of the Random-SMOTE algorithm, the support vectors (SV) are extracted and are treated as the parent samples to synthesize the new examples for the minority class in order to realize the balance of the data. Lastly, the imbalanced data sets are classified with the SVM classification algorithm. F-measure value, G-mean value, ROC curve, and AUC value are selected as the performance evaluation indexes. Experimental results show that this improved algorithm demonstrates a good classification performance for the imbalanced data sets

BlockMatch: A Fine-Grained Binary Code Similarity Detection Approach Using Contrastive Learning for Basic Block Matching

Binary code similarity detection (BCSD) plays a vital role in computer security and software engineering. Traditional BCSD methods heavily rely on specific features and necessitate rich expert knowledge, which are sensitive to code alterations. To improve the robustness against minor code alterations, recent research has shifted towards machine learning-based approaches. However, existing BCSD approaches mainly focus on function-level matching and face challenges related to large batch optimization and high quality sample selection at the basic block level. To overcome these challenges, we propose BlockMatch, a novel fine-grained BCSD approach that leverages natural language processing (NLP) techniques and contrastive learning for basic block matching. We treat instructions of basic blocks as a language and utilize a DeBERTa model to capture relative position relations and contextual semantics for encoding instruction sequences. For various operands in binary code, we propose a root operand model pre-training task to mitigate semantic missing of unseen operands. We then employ a mean pooling layer to generate basic block embeddings for detecting binary code similarity. Additionally, we propose a contrastive training framework, including a block augmentation model to generate high-quality training samples, improving the effectiveness of model training. Inspired by contrastive learning, we adopt the NT-Xent loss as our objective function, which allows larger sample sizes for model training and mitigates the convergence issues caused by limited local positive/negative samples. By conducting extensive experiments, we evaluate BlockMatch and compare it against state-of-the-art approaches such as PalmTree and SAFE. The results demonstrate that BlockMatch achieves a recall@1 of 0.912 at the basic block level under the cross-compiler scenario (pool size = 10), which outperforms PalmTree (0.810) and SAFE (0.798). Furthermore, our ablation study shows that the proposed contrastive training framework and root operand model pre-training task help our model achieve superior performance

Optimizing IoT Web Fuzzing by Firmware Infomation Mining

IoT web fuzzing is an effective way to detect security flaws in IoT devices. However, without enough information of the tested targets, IoT web fuzzing is often blind and inefficient. In this paper, we propose to use static analysis to assist IoT web fuzzing. Our insight is that plenty of useful information is hidden in firmwares, which can be mined by static analysis and used to guide the subsequent dynamic analysis—fuzzing. Hence, our approach contains two stages: pre-fuzzing stage and fuzzing stage. In the pre-fuzzing stage, we perform static analysis on the IoT firmwares to exploit helpful information, such as web page paths, interfaces, and shared keywords. These kinds of information are used to construct diverse seeds for covering more web paths and interfaces, and are also used to prioritize seeds according to their importance (related to shared keywords) in the fuzzing stage. Based on this approach, we implement a prototype IoT web fuzzing system—IoTParser. Experiments show that IoTParser increased the vulnerability discovery capability by 44% on average, while increasing the vulnerability discovery efficiency by 48.2% on average compared with state-of-the-art IoT web fuzzer. In addition, IoTParser has found 13 vulnerabilities, including 7 0-day

Optimizing IoT Web Fuzzing by Firmware Infomation Mining

IoT web fuzzing is an effective way to detect security flaws in IoT devices. However, without enough information of the tested targets, IoT web fuzzing is often blind and inefficient. In this paper, we propose to use static analysis to assist IoT web fuzzing. Our insight is that plenty of useful information is hidden in firmwares, which can be mined by static analysis and used to guide the subsequent dynamic analysis—fuzzing. Hence, our approach contains two stages: pre-fuzzing stage and fuzzing stage. In the pre-fuzzing stage, we perform static analysis on the IoT firmwares to exploit helpful information, such as web page paths, interfaces, and shared keywords. These kinds of information are used to construct diverse seeds for covering more web paths and interfaces, and are also used to prioritize seeds according to their importance (related to shared keywords) in the fuzzing stage. Based on this approach, we implement a prototype IoT web fuzzing system—IoTParser. Experiments show that IoTParser increased the vulnerability discovery capability by 44% on average, while increasing the vulnerability discovery efficiency by 48.2% on average compared with state-of-the-art IoT web fuzzer. In addition, IoTParser has found 13 vulnerabilities, including 7 0-day

Transcriptomic profiling reveals molecular regulation of seasonal reproduction in Tibetan highland fish, Gymnocypris przewalskii

Abstract Background The Tibetan highland fish, Gymnocypris przewalskii, migrates from Lake Qinghai to its spawning grounds every summer. This seasonal reproduction is critically regulated by intrinsic and extrinsic signals. However, the molecular mechanisms that process environmental oscillations to initiate the seasonal mating are largely unknown. Results A transcriptomic analysis was conducted on the brain and gonad of male and female G. przewalskii in reproductive and nonreproductive seasons. We obtained 2034, 760, 1158 and 17,856 differentially expressed genes between the reproductively active and dormant female brain, male brain, ovary and testis. Among these genes, DIO2 was upregulated in the reproductively active brain and gonad of both males and females. Neuroactive ligand-receptor genes were activated in male and female brain. Functional enrichment analysis suggested that retinol metabolism was uniquely stimulated in reproductively active males. Genes involved in GnRH signaling and sex hormone synthesis exhibited higher expression levels in brain and gonad during the reproductive season. A co-expression network classified all the genes into 9 modules. The network pinpointed CDC42 as the hub gene that connected the pathways in responsible for modulating reproduction in G. przewalskii. Meanwhile, the sex pheromone receptor gene prostaglandin receptor was identified to link to multiple endocrine receptors, such as GnRHR2 in the network. Conclusions The current study profiled transcriptomic variations between reproductively active and dormant fish, highlighting the potential regulatory mechanisms of seasonal reproduction in G. przewalskii. Our data suggested that the seasonal regulation of reproduction in G. przewalskii was controlled by the external stimulation of photoperiodic variations. The activated transcription of neuroendocrine and sex hormone synthesis genes contributed to seasonal reproduction regulation in G. przewalskii, which was presumably influenced by the increased day-length during the breeding season